When derivatively classifying information, the listing of specific information that tells you what is classified is found in the Security Classification Guide (SCG).

Where the specific information is listed

  • The Security Classification Guide is the primary, authoritative source for derivative classifiers. It lays out, line by line, which elements of information about a program, system, operation, or activity are classified.
  • For each element, the SCG specifies the classification level (Confidential, Secret, Top Secret), the reason for classification, and the declassification or downgrading instructions.

Other authorized sources you may use

  • Properly marked source documents (for example, earlier reports, emails, or briefings that already carry classification markings) provide specific information you may extract or paraphrase.
  • Contractual documents like a DD Form 254 for cleared contractors may also point you back to the applicable SCGs and source documents that contain the detailed listings of what is classified.

Why the SCG is the main “listing”

  • Derivative classification training materials explicitly state that SCGs are the primary source of derivative classification guidance because they compile specific, approved decisions about what information is classified.
  • Using the SCG ensures consistency across documents and helps prevent both over‑classification and under‑classification by giving a clear, centralized listing of the information elements and their required markings.

TL;DR: When derivatively classifying information, go first to the applicable Security Classification Guide for the detailed listing of specific information and its required classification markings.